exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 8 of 8 RSS Feed

Files Date: 2004-07-08

Posted Jul 8, 2004
Site lists.shorewall.net

A vulnerability exists in the way that Shorewall handles temporary files and directories. The vulnerability can allow a non-root user to cause arbitrary files on the system to be overwritten.

tags | advisory, arbitrary, root
SHA-256 | 6bbcf5bce92926266ba6aa58e3adb70e229a5eb9bfe6b537a38b1e8a69b62d57
iDEFENSE Security Advisory 2004-07-08.t
Posted Jul 8, 2004
Authored by iDefense Labs | Site idefense.com

iDEFENSE Security Advisory 07.08.04: SSLtelnet contains a format string vulnerability that could allow remote code execution. The problem specifically exists within telnetd.c, on line 530 where an argument deficient call is made to syslog().

tags | advisory, remote, code execution
advisories | CVE-2004-0640
SHA-256 | 4e543388d663cd33875f49d23593b699a5be1be2e1f2f992845ce28c404f7be4
Mozilla Security Advisory 2004-07-07
Posted Jul 8, 2004
Authored by Dan Veditz, Mozilla Foundation | Site mozilla.org

Mozilla Security Advisory - Windows versions of Mozilla products pass URIs using the shell: scheme to the OS for handling. The effects depend on the version of windows, but on Windows XP it is possible to launch executables in known locations or the default handlers for file extensions. It could be possible to combine this effect with a known buffer overrun in one of these programs to create a remote execution exploit, although at this time we have confirmed only denial-of-service type attacks. Versions affected: Mozilla (Suite), Mozilla Firefox, Mozilla Thunderbird.

tags | advisory, remote, overflow, shell
systems | windows
SHA-256 | 57a70625f36b6696077650b535747f47f76c4268befe5b019d687be4e6f7857d
Posted Jul 8, 2004
Authored by James C. Slora Jr.

Outlook 2000 and 2003 allow execution of remote web pages specified within the data property of OBJECT tags when there is no closing /OBJECT tag, while forwarding an HTML email message using Word 2000 or 2003 as the email editor. This behavior happens regardless of Security Zone settings.

tags | advisory, remote, web
SHA-256 | 77a5bf7ed41d1d5076c78d070bbafd955f62a940782384b651ebf42c89e813da
Nmap Scanning Utility 3.55
Posted Jul 8, 2004
Authored by Fyodor | Site insecure.org

Nmap is a utility for port scanning large networks, although it works fine for single hosts. Sometimes you need speed, other times you may need stealth. In some cases, bypassing firewalls may be required. Not to mention the fact that you may want to scan different protocols (UDP, TCP, ICMP, etc.). Nmap supports Vanilla TCP connect() scanning, TCP SYN (half open) scanning, TCP FIN, Xmas, or NULL (stealth) scanning, TCP ftp proxy (bounce attack) scanning, SYN/FIN scanning using IP fragments (bypasses some packet filters), TCP ACK and Window scanning, UDP raw ICMP port unreachable scanning, ICMP scanning (ping-sweep), TCP Ping scanning, Direct (non portmapper) RPC scanning, Remote OS Identification by TCP/IP Fingerprinting, and Reverse-ident scanning. Nmap also supports a number of performance and reliability features such as dynamic delay time calculations, packet timeout and retransmission, parallel port scanning, detection of down hosts via parallel pings. Full changelog available here.

Changes: Added MAC address printing, more fingerprints, various other features, and bug fixes.
tags | tool, remote, udp, tcp, protocol, nmap
systems | unix
SHA-256 | 1b75a20d79feeee28b5d39c239eb30468b742b7ddd073470e90cf0f92e2593da
Posted Jul 8, 2004
Authored by DG | Site geschke-online.de

FLoP is utility designed to gather alerts with a payload from distributed Snort sensors at a central server, and to store them in a database. Both PostgreSQL and MySQL are currently supported. High priority alerts may be sent out via e-mail.

Changes: Feature enhancements and bug fixes.
tags | tool, sniffer
SHA-256 | 84b189826dc1420aa93d5606a2abac3ef90da339f45f43d57b91514047c8d749
Posted Jul 8, 2004
Authored by bambam

A .diff file, applied to the MySQL 5.0.0-alpha source distribution will allow building a MySQL client that can be used to connect to a remote MySQL server with no password.

tags | exploit, remote
SHA-256 | 576c8349f99ca721889a85397e1a11e6091d306a88102e339b9bede903f555e3
Posted Jul 8, 2004
Authored by Laurent Constantin | Site laurentconstantin.com

Netwox is a utility that can be thought of as a one stop shop network toolbox. It includes a graphical front-end called Netwag. This kit comes with 150 tools that can be used to perform a multitude of tasks that are very useful to any administrator. It supports various protocols (DNS, FTP, HTTP, NNTP, SMTP, SNMP) and performs low level functions like sniffing, spoofing traffic, and playing client/server roles. Both Windows and Unix versions are included.

Changes: Feature enhancements and bug fixes.
tags | tool, web, spoof, protocol
systems | windows, unix
SHA-256 | 240958dc64c5ec558968cd9f12dabc9019c76506dbbae1c6fb366f02872ab4ff
Page 1 of 1

File Archive:

February 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Feb 1st
    16 Files
  • 2
    Feb 2nd
    19 Files
  • 3
    Feb 3rd
    0 Files
  • 4
    Feb 4th
    0 Files
  • 5
    Feb 5th
    24 Files
  • 6
    Feb 6th
    2 Files
  • 7
    Feb 7th
    10 Files
  • 8
    Feb 8th
    25 Files
  • 9
    Feb 9th
    37 Files
  • 10
    Feb 10th
    0 Files
  • 11
    Feb 11th
    0 Files
  • 12
    Feb 12th
    17 Files
  • 13
    Feb 13th
    20 Files
  • 14
    Feb 14th
    25 Files
  • 15
    Feb 15th
    15 Files
  • 16
    Feb 16th
    6 Files
  • 17
    Feb 17th
    0 Files
  • 18
    Feb 18th
    0 Files
  • 19
    Feb 19th
    35 Files
  • 20
    Feb 20th
    25 Files
  • 21
    Feb 21st
    18 Files
  • 22
    Feb 22nd
    15 Files
  • 23
    Feb 23rd
    0 Files
  • 24
    Feb 24th
    10 Files
  • 25
    Feb 25th
    0 Files
  • 26
    Feb 26th
    0 Files
  • 27
    Feb 27th
    0 Files
  • 28
    Feb 28th
    0 Files
  • 29
    Feb 29th
    0 Files

Top Authors In Last 30 Days

File Tags


packet storm

© 2022 Packet Storm. All rights reserved.

Security Services
Hosting By